package csbase.server.services.loginservice;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPConstraints;
import com.novell.ldap.LDAPException;
import csbase.exception.CSBaseException;
import csbase.exception.OperationFailureException;
import csbase.exception.ParseException;
import csbase.exception.PermissionException;
import csbase.exception.ServiceFailureException;
import csbase.logic.AdministrationEvent;
import csbase.logic.EncryptedPassword;
import csbase.logic.LoginAsPermission;
import csbase.logic.LoginPasswordCipher;
import csbase.logic.MDigest;
import csbase.logic.Permission;
import csbase.logic.PreLoginData;
import csbase.logic.SecureKey;
import csbase.logic.ServerURI;
import csbase.logic.Session;
import csbase.logic.User;
import csbase.logic.UserOutline;
import csbase.logic.openbus.OpenBusLoginToken;
import csbase.logic.server.ServerInfo;
import csbase.remote.ServerEntryPoint;
import csbase.server.Server;
import csbase.server.ServerException;
import csbase.server.Service;
import csbase.server.keystore.CSKeyStore;
import csbase.server.services.administrationservice.AdministrationService;
import csbase.server.services.messageservice.MessageService;
import csbase.server.services.openbusservice.OpenBusService;
import csbase.server.services.restservice.RestService;
import csbase.server.services.serverservice.ServerService;
import csbase.util.messages.IMessageListener;
import csbase.util.messages.Message;
import csbase.util.messages.filters.BodyTypeFilter;
import java.io.Serializable;
import java.io.UnsupportedEncodingException;
import java.net.InetAddress;
import java.rmi.Remote;
import java.rmi.RemoteException;
import java.security.DigestException;
import java.security.KeyPair;
import java.security.PublicKey;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.TimeZone;
import java.util.Timer;
import java.util.TimerTask;
import java.util.TreeMap;
import java.util.Vector;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicInteger;

/* loaded from: input_file:csbase/server/services/loginservice/LoginService.class */
public class LoginService extends Service {
    public static final String SERVICE_NAME = "LoginService";
    public static final String LOGIN_METHOD = "loginMethod";
    public static final String LOCAL_LOGIN_METHOD = "LOCAL";
    public static final String LDAP_LOGIN_METHOD = "LDAP";
    public static final String PRE_LOGIN_DELAY = "preLoginDelay";
    private static final String LDAP_TIMEOUT = "LDAPConnectionTimeout";
    public static final int LDAP_DEFAULT_PORT = 389;
    public static final String LDAP_PATTERN_USER = "[%U]";
    public static final String MAX_SIMULTANEOUS_SESSIONS = "maxUserSimultaneousSessions";
    private static final String USER_DATA = "USER_DATA";
    private static final long MINUTE_IN_MS = 60000;
    protected Hashtable<SecureKey, ServerSession> loggedUsers;
    public static final String REAL_USER_ATTRIBUTE = "realUser";
    private final Map<SessionLimiterKey, AtomicInteger> sessionCounter;
    private int maxSimultaneousSessions;
    protected Hashtable<String, PreLoginInfo> preLoggedUsers;
    private boolean localLogin;
    private List<String> LDAPServers;
    private Vector<Integer> LDAPPorts;
    private List<String> LDAPPatternList;
    private String LDAPCharSet;
    private long preLoginDelay;
    private Timer timer;
    private final Set<LoginServiceListener> listeners;
    private final Map<String, Integer> loginCounter;
    private final Map<String, Integer> failedLoginCounter;
    private Serializable consumerId;
    private KeyPair loginPasswordKeyPair;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:csbase/server/services/loginservice/LoginService$CheckPreLoginTask.class */
    public class CheckPreLoginTask extends TimerTask {
        private final Object token;

        public CheckPreLoginTask(Object obj) {
            if (obj == null) {
                throw new IllegalArgumentException("token == null");
            }
            this.token = obj;
        }

        @Override // java.util.TimerTask, java.lang.Runnable
        public void run() {
            if (LoginService.this.preLoggedUsers.remove(this.token) != null) {
                Server.logInfoMessage(String.format("Prelogin não confirmado para token %s", this.token));
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:csbase/server/services/loginservice/LoginService$PreLoginInfo.class */
    public class PreLoginInfo {
        private final SecureKey sessionKey;
        private final User user;
        private final Locale locale;
        private final Map<String, Serializable> attributes;
        private final Map<String, Serializable> serverAttributes;
        private final Remote control;

        public PreLoginInfo(SecureKey secureKey, User user, Locale locale, Map<String, Serializable> map, Map<String, Serializable> map2, Remote remote) {
            if (secureKey == null) {
                throw new IllegalArgumentException("Chave de sessão não pode ser nula.");
            }
            if (user == null) {
                throw new IllegalArgumentException("Usuário não pode ser nulo.");
            }
            if (locale == null) {
                throw new IllegalArgumentException("O locale do usuário não pode ser nulo.");
            }
            this.sessionKey = secureKey;
            this.user = user;
            this.locale = locale;
            this.control = remote;
            this.attributes = new HashMap();
            if (map != null) {
                this.attributes.putAll(map);
            }
            this.serverAttributes = new HashMap();
            if (map2 != null) {
                this.serverAttributes.putAll(map2);
            }
        }

        public SecureKey getSessionKey() {
            return this.sessionKey;
        }

        public User getUser() {
            return this.user;
        }

        public Locale getLocale() {
            return this.locale;
        }

        public Map<String, Serializable> getAttributes() {
            return Collections.unmodifiableMap(this.attributes);
        }

        public Map<String, Serializable> getServerAttributes() {
            return Collections.unmodifiableMap(this.serverAttributes);
        }

        public Remote getControl() {
            return this.control;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:csbase/server/services/loginservice/LoginService$SessionLimiterKey.class */
    public static final class SessionLimiterKey {
        private final String superUser;
        private final String user;

        public SessionLimiterKey(User user) {
            if (user == null) {
                throw new IllegalArgumentException("login não pode ser nulo!");
            }
            this.superUser = user.getSuperUserLogin();
            this.user = user.getLogin();
        }

        public int hashCode() {
            return (31 * ((31 * 1) + (this.superUser == null ? 0 : this.superUser.hashCode()))) + (this.user == null ? 0 : this.user.hashCode());
        }

        public boolean equals(Object obj) {
            if (this == obj) {
                return true;
            }
            if (obj == null || getClass() != obj.getClass()) {
                return false;
            }
            SessionLimiterKey sessionLimiterKey = (SessionLimiterKey) obj;
            if (this.superUser == null) {
                if (sessionLimiterKey.superUser != null) {
                    return false;
                }
            } else if (!this.superUser.equals(sessionLimiterKey.superUser)) {
                return false;
            }
            return this.user == null ? sessionLimiterKey.user == null : this.user.equals(sessionLimiterKey.user);
        }

        public String toString() {
            return this.superUser != null ? this.superUser + ">" + this.user : this.user;
        }
    }

    public static void createService() throws ServerException {
        new LoginService();
    }

    public static LoginService getInstance() {
        return (LoginService) getInstance(SERVICE_NAME);
    }

    protected LoginService() throws ServerException {
        super(SERVICE_NAME);
        this.loggedUsers = new Hashtable<>();
        this.sessionCounter = new ConcurrentHashMap();
        this.preLoggedUsers = new Hashtable<>();
        this.loginCounter = new TreeMap();
        this.failedLoginCounter = new TreeMap();
        this.listeners = new HashSet();
        try {
            this.loginPasswordKeyPair = LoginPasswordCipher.generateKeyPair();
        } catch (Exception e) {
            throw new ServerException("Erro ao gerar o par de chaves pública e privada para criptografar e descriptografar a senha.", e);
        }
    }

    public PublicKey getPublicKey() {
        return this.loginPasswordKeyPair.getPublic();
    }

    public synchronized void addListener(LoginServiceListener loginServiceListener) {
        if (loginServiceListener == null) {
            throw new IllegalArgumentException("O listener não pode ser nulo.");
        }
        this.listeners.add(loginServiceListener);
    }

    public synchronized boolean removeListener(LoginServiceListener loginServiceListener) {
        if (loginServiceListener == null) {
            throw new IllegalArgumentException("O listener não pode ser nulo.");
        }
        return this.listeners.remove(loginServiceListener);
    }

    protected void fireSessionCreated(String str, Object obj, long j) {
        Iterator<LoginServiceListener> it = this.listeners.iterator();
        while (it.hasNext()) {
            it.next().sessionCreated(str, obj, j);
        }
    }

    protected void fireUserLoggingOut(String str, Object obj, String str2, long j) {
        Iterator<LoginServiceListener> it = this.listeners.iterator();
        while (it.hasNext()) {
            it.next().userLoggingOut(str, obj, str2, j);
        }
    }

    protected void fireConnectionLost(String str, Object obj, String str2, long j) {
        Iterator<LoginServiceListener> it = this.listeners.iterator();
        while (it.hasNext()) {
            it.next().connectionLost(str, obj, str2, j);
        }
    }

    protected void fireSystemNameSet(String str, Object obj, String str2, long j) {
        Iterator<LoginServiceListener> it = this.listeners.iterator();
        while (it.hasNext()) {
            it.next().systemNameSet(str, obj, str2, j);
        }
    }

    @Override // csbase.server.Service
    public void initService() throws ServerException {
        this.timer = new Timer(true);
        loadAuthenticationProperties();
        try {
            install();
            this.maxSimultaneousSessions = getIntProperty(MAX_SIMULTANEOUS_SESSIONS);
        } catch (RemoteException e) {
            throw new ServerException((Throwable) e);
        }
    }

    private void loadAuthenticationProperties() throws ServerException {
        String stringProperty = getStringProperty(LOGIN_METHOD);
        if (!stringProperty.equals(LOCAL_LOGIN_METHOD) && !stringProperty.equals(LDAP_LOGIN_METHOD)) {
            throw new ServerException(String.format("Método de autenticação %s desconhecido!", stringProperty));
        }
        this.preLoginDelay = getIntProperty(PRE_LOGIN_DELAY) * MINUTE_IN_MS;
        if (stringProperty.equals(LOCAL_LOGIN_METHOD)) {
            this.localLogin = true;
            Server.logWarningMessage("Método de autenticação configurado para LOCAL.");
            return;
        }
        this.localLogin = false;
        this.LDAPServers = getStringListProperty("LDAPServer");
        if (this.LDAPServers.size() == 0) {
            throw new ServerException("Nenhum servidor LDAP definido para autenticação!");
        }
        this.LDAPPorts = new Vector<>();
        for (int i = 1; i <= this.LDAPServers.size(); i++) {
            this.LDAPPorts.add(Integer.valueOf(getIntProperty("LDAPPort." + i)));
        }
        this.LDAPPatternList = getStringListProperty("LDAPPattern");
        this.LDAPCharSet = getStringProperty("LDAPCharSet");
        Server.logInfoMessage("Método de autenticação configurado para LDAP.");
    }

    public void install() throws RemoteException {
        this.consumerId = MessageService.getInstance().setServerMessageListener(new IMessageListener() { // from class: csbase.server.services.loginservice.LoginService.1
            public void onMessagesReceived(Message... messageArr) throws Exception {
                for (Message message : messageArr) {
                    AdministrationEvent body = message.getBody();
                    if (!(body.item instanceof User)) {
                        return;
                    }
                    User user = (User) body.item;
                    Vector vector = new Vector();
                    Enumeration<SecureKey> keys = LoginService.this.loggedUsers.keys();
                    while (keys.hasMoreElements()) {
                        SecureKey nextElement = keys.nextElement();
                        ServerSession serverSession = LoginService.this.loggedUsers.get(nextElement);
                        if (serverSession == null) {
                            return;
                        }
                        if (serverSession.getUser().getId().equals(user.getId())) {
                            switch (body.type) {
                                case 2:
                                    serverSession.setUser(user);
                                    break;
                                case 3:
                                    vector.add(nextElement);
                                    break;
                            }
                        }
                    }
                    for (int i = 0; i < vector.size(); i++) {
                        LoginService.this.logout(vector.get(i));
                    }
                }
            }
        }, new BodyTypeFilter(AdministrationEvent.class));
    }

    @Override // csbase.server.Service
    public void shutdownService() throws ServerException {
        try {
            ReferedServerCache.getInstance().clear();
            uninstall();
            if (this.timer != null) {
                this.timer.cancel();
            }
        } catch (RemoteException e) {
            throw new ServerException((Throwable) e);
        }
    }

    public void uninstall() throws RemoteException {
        MessageService.getInstance().clearServerMessageListener(this.consumerId);
    }

    protected boolean has2Update(Object obj, Object obj2) {
        return true;
    }

    public boolean canChangePasswords() {
        return this.localLogin;
    }

    public boolean isLocalLogin() {
        return this.localLogin;
    }

    public PreLoginData preLogin(String str, String str2, Locale locale) {
        return preLogin(str, str2, locale, (Map<String, Serializable>) null);
    }

    public PreLoginData preLogin(String str, String str2, Locale locale, Map<String, Serializable> map) {
        if (str == null || str2 == null || locale == null) {
            throw new IllegalArgumentException("(login || password || locale) == null");
        }
        User checkLogin = checkLogin(str, str2, map);
        if (checkLogin == null) {
            return null;
        }
        return doPreLogin(checkLogin, locale, map, null, null);
    }

    public PreLoginData preLogin(String str, Locale locale, Map<String, Serializable> map) {
        User user;
        if (str == null || locale == null) {
            throw new IllegalArgumentException("(restToken || locale) == null");
        }
        try {
            String parserToken = RestService.getInstance().parserToken(str, null);
            if (parserToken == null || (user = AdministrationService.getInstance().getUser(parserToken)) == null) {
                return null;
            }
            return doPreLogin(user, locale, map, null, null);
        } catch (ParseException e) {
            return null;
        }
    }

    public PreLoginData preLogin(String str, String str2, Locale locale, String str3, Remote remote, Serializable serializable) {
        User checkLogin = checkLogin(str, str2);
        if (checkLogin == null) {
            return null;
        }
        if (str3 != null) {
            checkLogin = AdministrationService.getInstance().changeUser(checkLogin, str3);
            checkLogin.setSuperUserLogin(str);
            Server.logInfoMessage(String.format("Usuário %s foi delegado pelo usuário %s.", str3, str));
        }
        HashMap hashMap = new HashMap();
        hashMap.put(USER_DATA, serializable);
        return doPreLogin(checkLogin, locale, null, hashMap, remote);
    }

    public PreLoginData preLogin(String str, String str2, Locale locale, String str3) {
        User checkLogin = checkLogin(str, str2);
        if (checkLogin == null) {
            return null;
        }
        User changeUser = AdministrationService.getInstance().changeUser(checkLogin, str3);
        if (changeUser != null) {
            checkLogin = changeUser;
            checkLogin.setSuperUserLogin(str);
        }
        return doPreLogin(checkLogin, locale, null, new HashMap(), null);
    }

    private PreLoginData doPreLogin(User user, Locale locale, Map<String, Serializable> map, Map<String, Serializable> map2, Remote remote) {
        try {
            String digest = new SecureKey().digest();
            SecureKey secureKey = new SecureKey();
            CheckPreLoginTask checkPreLoginTask = new CheckPreLoginTask(digest);
            this.preLoggedUsers.put(digest, new PreLoginInfo(secureKey, user, locale, map, map2, remote));
            this.timer.schedule(checkPreLoginTask, this.preLoginDelay);
            Server.logInfoMessage(String.format("Prelogin de %s para o locale %s. Token: %s", user.getLogin() + getRealUserForLog(map), locale, digest));
            return new PreLoginData(secureKey, digest);
        } catch (DigestException e) {
            Server.logSevereMessage(String.format("Erro ao gerar digest para criação do token do usuário %s.", user.getLogin()), e);
            throw new ServiceFailureException("Erro ao gerar token para pré-login.");
        }
    }

    public Session login(String str, EncryptedPassword encryptedPassword, Locale locale) {
        return login(str, encryptedPassword, locale, null, null, null);
    }

    public Session login(String str, EncryptedPassword encryptedPassword, Locale locale, TimeZone timeZone) {
        return login(str, encryptedPassword, locale, null, timeZone, null);
    }

    public Session login(String str, EncryptedPassword encryptedPassword, Locale locale, String str2) {
        return login(str, encryptedPassword, locale, str2, null, null);
    }

    public Session login(String str, EncryptedPassword encryptedPassword, Locale locale, String str2, TimeZone timeZone, Map<String, Serializable> map) {
        if (str == null) {
            throw new IllegalArgumentException("login == null");
        }
        if (encryptedPassword == null) {
            throw new IllegalArgumentException("password == null");
        }
        if (locale == null) {
            throw new IllegalArgumentException("locale == null");
        }
        User checkLogin = checkLogin(str, LoginPasswordCipher.decrypt(encryptedPassword, this.loginPasswordKeyPair.getPrivate()));
        if (checkLogin == null) {
            incrCounter(this.failedLoginCounter, str);
            return null;
        }
        if (str2 != null) {
            checkLogin = AdministrationService.getInstance().changeUser(checkLogin, str2);
            checkLogin.setSuperUserLogin(str);
            Server.logInfoMessage(String.format("O usuário %s foi delegado pelo usuário %s.", str2, str));
        }
        incrCounter(this.loginCounter, str);
        Session createSession = createSession(new SecureKey(), checkLogin, locale, map, null, null);
        saveTimeZone(createSession.getKey(), timeZone);
        Server.logInfoMessage(String.format("Login de %s com locale %s. (%d sessão(ões) simultânea(s))", getLoginStr(checkLogin) + getRealUserForLog(map), locale, Integer.valueOf(this.sessionCounter.get(new SessionLimiterKey(checkLogin)).get())));
        return createSession;
    }

    private boolean isSameAddress(String str) {
        if (str == null) {
            throw new IllegalArgumentException("hostName == null");
        }
        try {
            if (InetAddress.getByName(str).isLoopbackAddress()) {
                return true;
            }
            return InetAddress.getByName(str).equals(InetAddress.getByName(Server.getInstance().getHostName()));
        } catch (Exception e) {
            Server.logSevereMessage("Erro resolvendo endereço IP.", e);
            return false;
        }
    }

    public Session login(ServerURI serverURI, Map<String, Serializable> map, boolean z, Object obj, String str, String str2, Locale locale, TimeZone timeZone) {
        Map<String, Serializable> isValidSession;
        try {
            User userByLogin = User.getUserByLogin(str);
            String realUserForLog = getRealUserForLog(map);
            if (userByLogin == null) {
                Server.logSevereMessage(String.format("Login por referência negado. Usuário %s inexistente.", str + realUserForLog));
                return null;
            }
            if (serverURI.getPort() != Server.getInstance().getRegistryPort() || !isSameAddress(serverURI.getHost())) {
                CSKeyStore cSKeyStore = CSKeyStore.getInstance();
                if (cSKeyStore == null) {
                    Server.logWarningMessage(String.format("Login por referência negado. Usuário %s. O repositório de chaves/certificados não existe.", str + realUserForLog));
                    return null;
                }
                if (!cSKeyStore.containsAlias(Server.getInstance().getSystemName())) {
                    Server.logWarningMessage(String.format("Login por referência negado. Usuário %s. O servidor não possui certificado cadastrado.", str + realUserForLog));
                    return null;
                }
                String privateKeyPassword = Server.getInstance().getPrivateKeyPassword();
                if (privateKeyPassword == null) {
                    Server.logSevereMessage("A senha da chave privada do servidor não foi informada.");
                    return null;
                }
                byte[] sign = cSKeyStore.sign(Server.getInstance().getSystemName(), privateKeyPassword, Server.getInstance().getSystemName());
                if (sign == null) {
                    Server.logSevereMessage("Login por referência negado. Usuário " + str + ". O servidor não possui chave gerada no repositório de chaves/certificados.");
                    return null;
                }
                ServerEntryPoint server = ReferedServerCache.getInstance().getServer(serverURI);
                if (server == null) {
                    Server.logSevereMessage("Login por referência negado. Servidor " + serverURI + " fora do ar");
                    return null;
                }
                if (!server.getVersionName().equals(Server.getInstance().getVersion())) {
                    Server.logSevereMessage("Login por referência negado. Servidor " + serverURI + " possui versão diferente deste.");
                    return null;
                }
                isValidSession = server.isValidSession(obj, Server.getInstance().getSystemName(), sign);
                if (isValidSession == null) {
                    Server.logSevereMessage(String.format("Login por referência negado. Usuário %s não foi validado no servidor %s.", str + realUserForLog, serverURI));
                    return null;
                }
            } else {
                if (!isValidSession(obj)) {
                    Server.logSevereMessage(String.format("Login por referência negado. Usuário %s não foi validado no servidor %s.", str + realUserForLog, serverURI));
                    return null;
                }
                isValidSession = this.loggedUsers.get(obj).getPropertes();
            }
            if (str2 != null) {
                userByLogin = AdministrationService.getInstance().changeUser(userByLogin, str2);
                userByLogin.setSuperUserLogin(str);
                Server.logInfoMessage(String.format("Usuário %s foi delegado pelo usuário %s.", str2, str + realUserForLog));
            }
            Session createSession = z ? createSession(new SecureKey(), userByLogin, locale, map, isValidSession, null) : createSession(new SecureKey(), userByLogin, locale, map, null, null);
            saveTimeZone(createSession.getKey(), timeZone);
            Server.logInfoMessage(String.format("Login de %s com locale %s. Validado por %s. (%d sessão(ões) simultânea(s))", getLoginStr(userByLogin) + realUserForLog, locale, serverURI, Integer.valueOf(this.sessionCounter.get(new SessionLimiterKey(userByLogin)).get())));
            return createSession;
        } catch (Exception e) {
            Server.logSevereMessage(String.format("Erro no login por referência para usuário %s do servidor %s.", str, serverURI), e);
            return null;
        }
    }

    public User checkLogin(String str, String str2) {
        return checkLogin(str, str2, null);
    }

    public User checkLogin(String str, String str2, Map<String, Serializable> map) {
        try {
            User userByLogin = User.getUserByLogin(str);
            if (userByLogin == null) {
                Server.logWarningMessage(String.format("Tentativa de login de usuário inexistente: %s.", str));
                return null;
            }
            if (map != null && str2.equals("") && map.containsKey(REAL_USER_ATTRIBUTE)) {
                if (canLoginAs((String) map.get(REAL_USER_ATTRIBUTE), str)) {
                    return userByLogin;
                }
                return null;
            }
            if (userByLogin.getId().equals(User.getAdminId()) || this.localLogin) {
                return localCheckLogin(userByLogin, str2);
            }
            Object attribute = userByLogin.getAttribute("forceLocalLogin");
            return (attribute == null || !attribute.equals(Boolean.TRUE)) ? authenticateUser(userByLogin, str2) : localCheckLogin(userByLogin, str2);
        } catch (Exception e) {
            Server.logSevereMessage(String.format("Erro no login de: %s.", str), e);
            return null;
        }
    }

    private boolean canLoginAs(String str, String str2) {
        boolean z = false;
        try {
            Iterator it = Permission.getAllPermissions().iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                LoginAsPermission loginAsPermission = (Permission) it.next();
                if ((loginAsPermission instanceof LoginAsPermission) && loginAsPermission.canLoginAs(str, str2)) {
                    z = true;
                    break;
                }
            }
        } catch (Exception e) {
            Server.logSevereMessage(String.format("Erro ao verificar permissões para usuário %s logar como: %s.", str, str2), e);
        }
        return z;
    }

    protected User authenticateUser(User user, String str) {
        return LDAPCheckLogin(user, str);
    }

    private User localCheckLogin(User user, String str) throws DigestException {
        if (user.getPasswordDigest().equals(MDigest.getDigest(str))) {
            return user;
        }
        Server.logInfoMessage(String.format("Login inválido de %s.", user.getLogin()));
        return null;
    }

    private User LDAPCheckLogin(User user, String str) {
        try {
            byte[] bytes = str.getBytes(this.LDAPCharSet);
            ArrayList<String> arrayList = new ArrayList(this.LDAPPatternList.size());
            Iterator<String> it = this.LDAPPatternList.iterator();
            while (it.hasNext()) {
                arrayList.add(it.next().replace(LDAP_PATTERN_USER, user.getLogin()));
            }
            for (int i = 0; i < this.LDAPServers.size(); i++) {
                String str2 = this.LDAPServers.get(i);
                int intValue = this.LDAPPorts.get(i).intValue();
                int intProperty = getIntProperty(LDAP_TIMEOUT);
                LDAPConnection lDAPConnection = new LDAPConnection(intProperty * 1000);
                LDAPConstraints constraints = lDAPConnection.getConstraints();
                constraints.setTimeLimit(intProperty * 1000);
                lDAPConnection.setConstraints(constraints);
                try {
                    lDAPConnection.connect(str2, intValue);
                    try {
                        for (String str3 : arrayList) {
                            try {
                                lDAPConnection.bind(3, str3, bytes);
                            } catch (LDAPException e) {
                                Server.logInfoMessage(String.format("%s rejeitado pelo servidor %s [%s].", str3, str2, e.resultCodeToString()));
                            }
                            if (lDAPConnection.getAuthenticationDN() != null) {
                                try {
                                    lDAPConnection.disconnect();
                                } catch (LDAPException e2) {
                                    Server.logInfoMessage(String.format("Erro ao desconectar do servidor %s [%s]", str2, e2.resultCodeToString()));
                                }
                                return user;
                            }
                        }
                        try {
                            lDAPConnection.disconnect();
                        } catch (LDAPException e3) {
                            Server.logInfoMessage(String.format("Erro ao desconectar do servidor %s [%s]", str2, e3.resultCodeToString()));
                        }
                    } catch (Throwable th) {
                        try {
                            lDAPConnection.disconnect();
                        } catch (LDAPException e4) {
                            Server.logInfoMessage(String.format("Erro ao desconectar do servidor %s [%s]", str2, e4.resultCodeToString()));
                        }
                        throw th;
                    }
                } catch (LDAPException e5) {
                    Server.logInfoMessage(String.format("Conexão rejeitada pelo servidor %s:%d [%s].", str2, Integer.valueOf(intValue), e5.resultCodeToString()));
                }
            }
            return null;
        } catch (UnsupportedEncodingException e6) {
            Server.logSevereMessage(String.format("LDAPCharSet não suportado: %s.", this.LDAPCharSet), e6);
            return null;
        }
    }

    public Session login(String str) {
        return login(str, null);
    }

    public Session login(String str, TimeZone timeZone) {
        if (str == null) {
            throw new IllegalArgumentException("token == null");
        }
        PreLoginInfo remove = this.preLoggedUsers.remove(str);
        if (remove == null) {
            Server.logWarningMessage(String.format("Tentativa de login a partir de um token não válido: %s.", str));
            return null;
        }
        User user = remove.getUser();
        Session createSession = createSession(remove);
        saveTimeZone(createSession.getKey(), timeZone);
        Server.logInfoMessage(String.format("login a partir de preLogin de %s para locale %s.", user.getLogin() + getRealUserForLog(createSession.getAttributes()), remove.getLocale()));
        return createSession;
    }

    public Session login(String str, byte[] bArr, Locale locale) {
        if (str == null || bArr == null || locale == null) {
            throw new IllegalArgumentException("(localServerName || signedLocalServerName || locale) == null");
        }
        User checkLogin = checkLogin(str, bArr);
        if (checkLogin == null) {
            return null;
        }
        Session createSession = createSession(checkLogin, locale);
        Server.logInfoMessage(String.format("Login (servidor local) de %s com locale %s.", checkLogin.getLogin(), locale));
        return createSession;
    }

    public Session login(OpenBusLoginToken openBusLoginToken, Locale locale, TimeZone timeZone) {
        if (openBusLoginToken == null) {
            throw new IllegalArgumentException("token == null");
        }
        if (locale == null) {
            throw new IllegalArgumentException("locale == null");
        }
        String str = openBusLoginToken.user;
        if (!OpenBusService.getInstance().isEnabled()) {
            Server.logWarningMessage(String.format("Não foi possível logar o usuário %s porque o OpenBus está desabilitado.", str));
            return null;
        }
        try {
            User userByLogin = User.getUserByLogin(str);
            if (userByLogin == null) {
                Server.logWarningMessage(String.format("Tentativa de login de usuário inexistente: %s.", str));
                return null;
            }
            OpenBusLoginToken doTokenLogin = OpenBusService.getInstance().doTokenLogin(openBusLoginToken);
            if (doTokenLogin == null) {
                Server.logSevereMessage(String.format("Erro ao validar o usuário %s no barramento.", str));
                return null;
            }
            HashMap hashMap = new HashMap();
            hashMap.put("CLIENT_TOKEN", doTokenLogin);
            Session createSession = createSession(new SecureKey(), userByLogin, locale, hashMap, null, null);
            saveTimeZone(createSession.getKey(), timeZone);
            Server.logInfoMessage(String.format("Login de %s com locale %s (%d sessão(ões) simultânea(s))", getLoginStr(userByLogin), locale, Integer.valueOf(this.sessionCounter.get(new SessionLimiterKey(userByLogin)).get())));
            return createSession;
        } catch (Exception e) {
            Server.logSevereMessage(String.format("Erro ao obter o usuário %s.", str), e);
            return null;
        }
    }

    private User checkLogin(String str, byte[] bArr) {
        try {
            ServerInfo serverInfo = ServerService.getInstance().getServerInfo(str);
            if (serverInfo == null) {
                Server.logWarningMessage(String.format("O servidor local %s não foi encontrado.", str));
                return null;
            }
            if (!serverInfo.isLocal()) {
                Server.logWarningMessage(String.format("O servidor %s não é um servidor local.", str));
                return null;
            }
            if (serverInfo.isSuspended()) {
                Server.logWarningMessage(String.format("O servidor local %s está suspenso.", str));
                return null;
            }
            CSKeyStore cSKeyStore = CSKeyStore.getInstance();
            if (cSKeyStore == null) {
                Server.logWarningMessage("O repositório de chaves/certificados não existe.");
                return null;
            }
            try {
                if (!cSKeyStore.containsAlias(str)) {
                    Server.logWarningMessage(String.format("O servidor local %s não possui certificado cadastrado.", str));
                    return null;
                }
                try {
                    if (!cSKeyStore.verify(str, str, bArr)) {
                        Server.logWarningMessage(String.format("A assinatura do servidor local %s está inválida.", str));
                        return null;
                    }
                    try {
                        return User.getUserByLogin((String) User.getAdminId());
                    } catch (Exception e) {
                        Server.logSevereMessage("Erro ao obter o usuário administrador.", e);
                        return null;
                    }
                } catch (CSBaseException e2) {
                    Server.logSevereMessage(String.format("Erro ao verificar a assinatura do servidor local %s.", str), e2);
                    return null;
                }
            } catch (CSBaseException e3) {
                Server.logSevereMessage(String.format("Falha ao verificar se o servidor local %s existe no repositório.", str), e3);
                return null;
            }
        } catch (OperationFailureException e4) {
            Server.logSevereMessage(String.format("Falha ao obter o servidor local %s.", str), e4);
            return null;
        }
    }

    protected Session createSession(User user, Locale locale) {
        return createSession(new SecureKey(), user, locale, null, null, null);
    }

    private Session createSession(PreLoginInfo preLoginInfo) {
        return createSession(preLoginInfo.getSessionKey(), preLoginInfo.getUser(), preLoginInfo.getLocale(), preLoginInfo.getAttributes(), preLoginInfo.getServerAttributes(), preLoginInfo.getControl());
    }

    private Session createSession(SecureKey secureKey, User user, Locale locale, Map<String, Serializable> map, Map<String, Serializable> map2, Remote remote) {
        SessionLimiterKey sessionLimiterKey = new SessionLimiterKey(user);
        AtomicInteger atomicInteger = this.sessionCounter.get(sessionLimiterKey);
        if (atomicInteger == null) {
            atomicInteger = new AtomicInteger(0);
            this.sessionCounter.put(sessionLimiterKey, atomicInteger);
        }
        if (this.maxSimultaneousSessions > 0 && atomicInteger.get() >= this.maxSimultaneousSessions) {
            Server.logWarningMessage("Usuário " + getLoginStr(user) + getRealUserForLog(map) + " excedeu o número de sessões simultâneas (" + this.maxSimultaneousSessions + ")");
            throw new PermissionException("Número máximo de sessões excedido (" + this.maxSimultaneousSessions + "). Faça logout em outras sessões para poder realizar este login.");
        }
        atomicInteger.incrementAndGet();
        try {
            Session session = new Session(user, secureKey, new ClientConnectionSpy(secureKey), map);
            ServerSession serverSession = new ServerSession(user, locale);
            serverSession.setControl(remote);
            if (map != null) {
                serverSession.putAllProperties(map);
            }
            if (map2 != null) {
                serverSession.putAllProperties(map2);
            }
            this.loggedUsers.put(secureKey, serverSession);
            fireSessionCreated(user != null ? user.getLogin() : null, secureKey, System.currentTimeMillis());
            return session;
        } catch (RemoteException e) {
            Server.logSevereMessage("Erro ao criar espião de conexão.", e);
            throw new ServiceFailureException("Erro ao criar sessão do usuário.");
        }
    }

    public boolean isValidSession(Object obj) {
        return this.loggedUsers.containsKey(obj);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void warnConnectionLost(Object obj) {
        ServerSession serverSession = this.loggedUsers.get(obj);
        if (serverSession != null) {
            User user = serverSession.getUser();
            fireConnectionLost(user != null ? user.getLogin() : null, obj, serverSession.getApp(), System.currentTimeMillis());
            logout(obj);
        }
    }

    public void logout(Object obj) {
        if (obj == null) {
            throw new IllegalArgumentException("sessionKey == null");
        }
        ServerSession serverSession = this.loggedUsers.get(obj);
        if (serverSession == null) {
            Server.logWarningMessage(String.format("Tentativa de logout para uma sessão inválida: %s.", obj));
            return;
        }
        MessageService.getInstance().clearMessageListener(serverSession);
        User user = serverSession.getUser();
        fireUserLoggingOut(user != null ? user.getLogin() : null, obj, serverSession.getApp(), System.currentTimeMillis());
        this.loggedUsers.remove(obj);
        notifyObservers(new LogoutEvent(obj));
        SessionLimiterKey sessionLimiterKey = new SessionLimiterKey(user);
        if (this.sessionCounter.get(sessionLimiterKey).decrementAndGet() == 0) {
            this.sessionCounter.remove(sessionLimiterKey);
        }
        Server.logInfoMessage(String.format("Logout de %s.", user.getLogin() + getRealUserForLog(serverSession.getPropertes())));
    }

    public Locale getUserSessionLocale(Object obj) {
        ServerSession serverSession = this.loggedUsers.get(obj);
        if (serverSession == null) {
            return null;
        }
        return serverSession.getLocale();
    }

    public UserOutline[] getLoggedUsers() {
        Enumeration<ServerSession> elements = this.loggedUsers.elements();
        ArrayList arrayList = new ArrayList();
        while (elements.hasMoreElements()) {
            try {
                arrayList.add(elements.nextElement().getUser().getOutline());
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        return (UserOutline[]) arrayList.toArray(new UserOutline[arrayList.size()]);
    }

    public User getUserByKey(Object obj) {
        ServerSession serverSession = this.loggedUsers.get(obj);
        if (serverSession == null) {
            return null;
        }
        return serverSession.getUser();
    }

    public <T> T getSessionProperty(Object obj, String str) {
        ServerSession serverSession = this.loggedUsers.get(obj);
        if (serverSession == null) {
            return null;
        }
        return (T) serverSession.getProperty(str);
    }

    public void setSessionProperty(Object obj, String str, Serializable serializable) {
        ServerSession serverSession = this.loggedUsers.get(obj);
        if (serverSession != null) {
            serverSession.setProperty(str, serializable);
        }
    }

    public void removeSessionProperty(Object obj, String str) {
        ServerSession serverSession = this.loggedUsers.get(obj);
        if (serverSession != null) {
            serverSession.removeProperty(str);
        }
    }

    public void setSystemName(Object obj, String str) {
        ServerSession serverSession = this.loggedUsers.get(obj);
        if (serverSession != null) {
            serverSession.setApp(str);
            User user = serverSession.getUser();
            fireSystemNameSet(user != null ? user.getLogin() : null, obj, str, System.currentTimeMillis());
        }
    }

    private void saveTimeZone(Object obj, TimeZone timeZone) {
        if (timeZone != null) {
            ServerSession serverSession = this.loggedUsers.get(obj);
            if (serverSession == null) {
                throw new IllegalStateException("Sessão inválida.");
            }
            serverSession.setTimeZone(timeZone);
        }
    }

    public TimeZone getTimeZone() {
        ServerSession serverSession = this.loggedUsers.get(getKey());
        return serverSession == null ? TimeZone.getDefault() : serverSession.getTimeZone();
    }

    public Map<String, Serializable> getSessionAttributes(Object obj) {
        if (this.loggedUsers.get(obj) != null) {
            return this.loggedUsers.get(obj).getPropertes();
        }
        return null;
    }

    public Map<String, Integer> getLoginStats(boolean z) {
        if (Service.getUser().isAdmin()) {
            return z ? Collections.unmodifiableMap(this.loginCounter) : Collections.unmodifiableMap(this.failedLoginCounter);
        }
        throw new PermissionException();
    }

    private static final String getLoginStr(User user) {
        return user.getSuperUserLogin() == null ? user.getLogin() : user.getSuperUserLogin() + ">>" + user.getLogin();
    }

    private String getRealUserForLog(Map<String, Serializable> map) {
        String str = "";
        if (map != null && map.containsKey(REAL_USER_ATTRIBUTE)) {
            str = "/realUser:" + map.get(REAL_USER_ATTRIBUTE);
        }
        return str;
    }

    public String getRealUserForLog(Object obj) {
        return getRealUserForLog(getSessionAttributes(obj));
    }
}
